|
281481
|
- |
|
mantisbt
|
mantisbt
|
SQL injection vulnerability in manage_user_page.php in MantisBT before 1.2.19 and 1.3.x before 1.3.0-beta.2 allows remote administrators with FILE privileges to execute arbitrary SQL commands via the…
|
CWE-89
SQL Injection
|
CVE-2014-9573
|
2024-11-21 11:21 |
2015-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281482
|
- |
|
mantisbt
|
mantisbt
|
MantisBT before 1.2.19 and 1.3.x before 1.3.0-beta.2 does not properly restrict access to /*/install.php, which allows remote attackers to obtain database credentials via the install parameter with t…
|
CWE-284
Improper Access Control
|
CVE-2014-9572
|
2024-11-21 11:21 |
2015-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281483
|
- |
|
mantisbt
|
mantisbt
|
Cross-site scripting (XSS) vulnerability in admin/install.php in MantisBT before 1.2.19 and 1.3.x before 1.3.0-beta.2 allows remote attackers to inject arbitrary web script or HTML via the (1) admin_…
|
CWE-79
Cross-site Scripting
|
CVE-2014-9571
|
2024-11-21 11:21 |
2015-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281484
|
- |
|
xiph
opensuse
|
vorbis-tools
opensuse
|
oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted raw file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-9640
|
2024-11-21 11:21 |
2015-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281485
|
- |
|
xiph
fedoraproject
opensuse
|
vorbis-tools
fedora
opensuse
|
Integer overflow in oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (crash) via a crafted number of channels in a WAV file, which triggers an out-of-bounds memory ac…
|
NVD-CWE-Other
|
CVE-2014-9639
|
2024-11-21 11:21 |
2015-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281486
|
- |
|
fedoraproject
opensuse
xiph
|
fedora
opensuse
vorbis-tools
|
oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a WAV file with the number of channels set to zero.
|
NVD-CWE-Other
|
CVE-2014-9638
|
2024-11-21 11:21 |
2015-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281487
|
- |
|
redhat
openstack
|
openstack
image_registry_and_delivery_service_\(glance\)
|
OpenStack Glance 2014.2.x through 2014.2.1, 2014.1.3, and earlier allows remote authenticated users to bypass the storage quota and cause a denial of service (disk consumption) by deleting an image i…
|
CWE-399
Resource Management Errors
|
CVE-2014-9623
|
2024-11-21 11:21 |
2015-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281488
|
- |
|
gentoo
|
xdg-utils
|
Eval injection vulnerability in xdg-utils 1.1.0 RC1, when no supported desktop environment is identified, allows context-dependent attackers to execute arbitrary code via the URL argument to xdg-open.
|
CWE-77
Command Injection
|
CVE-2014-9622
|
2024-11-21 11:21 |
2015-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281489
|
- |
|
file_project
|
file
|
The ELF parser in file 5.16 through 5.21 allows remote attackers to cause a denial of service via a long string.
|
CWE-399
Resource Management Errors
|
CVE-2014-9621
|
2024-11-21 11:21 |
2015-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281490
|
- |
|
file_project
|
file
|
The ELF parser in file 5.08 through 5.21 allows remote attackers to cause a denial of service via a large number of notes.
|
CWE-399
Resource Management Errors
|
CVE-2014-9620
|
2024-11-21 11:21 |
2015-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
